每当我连接到主机时,我都会看到
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:J6ErF8jeZVKGsg0db5u2hiNeQbH4pdGzPcbpGXZhOm8.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
remove with:
ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
ECDSA host key for 10.1.38.15 has changed and you have requested strict checking.
Host key verification failed.
我可以避免打字的需要
ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
-o StrictHostKeyChecking=no通过在 ssh 调用中使用。然而,即使我这样做了。我明白了,
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:ZVbYVYb0m3udeHMkycdZCF4HK7sGUzVnQmhTjDFTa6Y.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
remove with:
ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Agent forwarding is disabled to avoid man-in-the-middle attacks.
你会在底部看到这一行,
Agent forwarding is disabled to avoid man-in-the-middle attacks.
无论如何我可以吗仍然启用代理转发?
答案1
作为解决此问题的方法,您可以删除该文件 - 不用担心您只需执行一次。然后混合这两个选项,
StrictHostKeyChecking=no
UserKnownHostsFile=/dev/null
您可以将其放入 ssh 配置文件中,~/.ssh/config或将其设为别名,
alias ssh0="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
这将转发代理,并在多个盒子上工作,无需任何进一步的配置。